Deutsche Telekom Services Europe Romania (DTSE Romania)
Linkedin · Posted 6d ago
Security and Pentester Specialist
Continue to application
Add your email once, then Caio opens the original posting.
Indexed description
Key Responsibilities
- Develop and maintain detection rules and use cases across security monitoring platforms (SIEM, EDR, NDR, cloud security tools).
- Analyse emerging threats and translate them into actionable detection logic.
- Continuously improve detection coverage based on threat intelligence, incident trends, and vulnerability exposure.
- Monitor security alerts and identify suspicious activities that may indicate malicious behaviour.
- Investigate anomalous events and determine whether they represent real security threats.
- Work closely with SOC analysts and incident responders to ensure detections support effective investigations.
- Carrying out penetration tests as well as security investigations, creation of test reports and development of test automation tools
- Preparing systematic pentest reports
- Designing and performing safety investigations in the task field
- Analysing, interpreting results as well as developing solution proposals, if necessary with the customer, in the task field
- Reduce false positives by tuning detection rules and correlation logic
- Collaborating in automation projects; creating tools for test automation and better reproducibility of attacks that have already been carried out
- Tracking and troubleshooting user issues or tasks and incidents
- Contributing industry-specific and/or technological know-how (knowledge transfer)
- Being involved in projects or managing sub-projects
- Create, review, maintain and update documentation including Documenting & Publishing fixes in central knowledge base
- Work with global teams to provide consistent processes and solutions
- Security Information and Event Management (SIEM)
- Microsoft Sentinel
- Splunk Enterprise Security
- Endpoint Detection and Response (EDR/XDR)
- Microsoft Defender XDR
- CrowdStrike Falcon
- Network and Infrastructure Detection
- Network Detection and Response (NDR) platforms
- Intrusion Detection / Intrusion Prevention Systems (IDS/IPS)
- Firewall, proxy, VPN, and network telemetry solutions
- Cloud and Identity Security Monitoring
- Microsoft Entra / Azure AD logs
- Microsoft 365 security telemetry
- Threat Intelligence and Detection Engineering
- Threat intelligence platforms and indicator feeds
- MITRE ATT&CK mapping and detection use case libraries
- IOC/IOA-based detection content
- Bachelor’s degree in information technology, Computer Science or a related discipline
- 5+ years of experience in data leakage analysis for an enterprise network, cybersecurity monitoring, detection engineering, or SOC operations.
- Strong background of architecting, engineering and automating security solutions for a global environment of focusing on Data Leakage Solutions
- Log analysis and event correlation
- Detection rule development
- Advance knowledge of security monitoring tools (SIEM, EDR/XDR, NDR)
- Good scripting knowledge (Python, PowerShell, or similar)
- Knowledge of common attack techniques and tactics
- Understanding of network protocols and system behaviour
- Understanding of SIEM integrations
- General knowledge of infrastructure (LDAP, Group Policy, Kerberos, Active Directory, etc.) and networking (routing, firewalls, OSI Model, packet trace and analysis, etc.)
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search
Want help applying to roles like this?
Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent